Your API key is going to leak. Make sure the leaked one is disposable.
RelayKey keeps your real OpenAI, Anthropic, Grafana, Stripe, and internal API keys behind a relay. Every application, agent, script, vendor, and teammate gets a scoped key you can audit, limit, expire, and revoke.
Free forever for 1 protected key. No credit card.
real_key = "sealed"
app_key = "rk_app...8b3"
agent_key = "rk_agent...2vZ"
vendor_key = "rk_vendor...91k"
# vendor_key leaked in a support ticket
relaykey revoke rk_vendor...91k
status: revoked
real_key: untouched
- Real keys stay put
- Add the upstream key once. RelayKey encrypts it, keeps it out of applications and prompts, and swaps it in only at request time.
- Stolen keys can be blocked
- Human-held RelayKeys require email confirmation on new IPs. A RelayKey leaked from a laptop, repo, or Slack thread can hit 423 Locked before the upstream ever sees a request.
- Revoke without rotating production
- Kill one leaked RelayKey, inspect the audit log, and keep your real OpenAI, Anthropic, Grafana, or internal key untouched.
This is not theoretical.
API keys leak through GitHub commits, AI coding tools, logs, browser applications, screenshots, support tickets, Slack messages, contractors, CI output, and pasted .env files.
new hardcoded secrets hit public GitHub commits in 2025.
year-over-year growth in AI-service secret leaks.
secret leak rate for Claude Code-assisted commits versus baseline.
disclosed unauthorized access to a limited number of tokens through a GitHub workflow, then invalidated them.
Same API access. Stolen keys you can block or kill.
Your application, agent, or vendor uses the real production key. If it leaks, you rotate production credentials, investigate usage, update every dependent system, and hope nothing happened.
Every application, agent, and person gets a scoped RelayKey. If one leaks from a new network, 2FA blocks it before the upstream. If it leaks from trusted infrastructure, you revoke that key and keep the real production key protected.
Protect one real key. Issue many disposable keys.
A company does not think in internal nouns. It thinks, "This application needs an OpenAI key," "this agent needs Stripe access," or "this contractor needs temporary HubSpot access." RelayKey matches that model.
- Application keys. Give each production application, background job, or customer integration its own scoped RelayKey.
- Agent keys. Let Codex, Cursor, Claude, or an internal agent call APIs without putting real production secrets in prompts or files.
- People and vendors. Issue temporary access to teammates, contractors, and vendors without emailing or pasting the real key.
- Separate environments. Use different RelayKeys for dev, staging, production, CI, and support tooling.
- One-click containment. When a key leaks from a new IP, block it before the upstream. When it leaks from trusted infrastructure, revoke the specific RelayKey instead of rotating the real upstream key everywhere.
- Application: Production application, server, background job, or customer integration.
- AI agent: Codex, Cursor, Claude, MCP server, or internal workflow agent.
- Person: Engineer, operator, support teammate, or analyst.
- Vendor / contractor: Temporary external access with expiry and audit.

- Methods: GET, POST
- Expires: 7 days
- IP policy: trusted only
- Audit: every call

- Real upstream key protected: 1
- Disposable RelayKeys issued: Many
- Audited before forwarding: Every call
- Revoke without rotation: 1-click
Protect the keys your applications already use.
RelayKey works with OpenAI, Anthropic, Grafana, Stripe, and most REST APIs that use Bearer, Basic, header-based, query-string, or OAuth 2.0 client_credentials auth.
Three steps. No SDK. Plain HTTP.
Whoever needs to call the API already knows how to call a REST API. RelayKey puts a scoped, audited, revocable access layer between them and your real key.
Create a protected key
Paste your real upstream API key once. RelayKey encrypts it at rest and never echoes it back in the dashboard.
Issue disposable RelayKeys
Choose whether the key belongs to an application, agent, person, or vendor. Set the methods, paths, IP policy, and lifetime.
- owner: support-agent
- methods: GET, POST
- paths: /v1/responses, /v1/files/*
- expires: in 7d
Revoke the leaked one
The application, agent, or teammate calls proxy.relaykey.ai with the RelayKey. If it leaks, revoke that key and leave the real upstream key alone.
$ curl https://proxy.relaykey.ai/conn_openai/responses \
  -H "Authorization: Bearer rk_proxy_..."

Method and path allowlists, default-deny.
Every RelayKey gets an explicit list of HTTP methods and glob path patterns. Anything outside that scope returns 403 from RelayKey before the upstream call is made and shows up in the audit log. No more putting full-account production keys in applications.
{
  "allowed_methods": ["GET"],
  "allowed_paths": [
    "/crm/v3/objects/contacts/*",
    "/crm/v3/objects/companies/*"
  ],
  "deny_query_params": ["associations"],
  "ttl_seconds": 86400
}

Every request, attributed.
RelayKey logs the timestamp, key owner, method, path, decision, and response code for every proxied request. Filter by application, agent, person, vendor, integration, or status. Export when you need it.
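The default-deny allowlist and the per-request audit record described above, as an added example that is not RelayKey's own code. It evaluates the CRM policy shown on this page; the segment-wise glob matching, the path normalization before matching, and the audit record fields are assumptions, and 200 stands in for whatever status the upstream would return.

```python
# Added example, not RelayKey's code: default-deny evaluation of the
# policy shape on this page, returning one audit record per decision.
import fnmatch
import posixpath
from urllib.parse import urlsplit, parse_qs

POLICY = {  # constructed sample with the same fields as the page's CRM policy
    "allowed_methods": ["GET"],
    "allowed_paths": ["/crm/v3/objects/contacts/*",
                      "/crm/v3/objects/companies/*"],
    "deny_query_params": ["associations"],
    "ttl_seconds": 86400,
}

def path_allowed(path, patterns):
    """Glob match one segment at a time, so '*' never spans a '/' (assumption)."""
    path = posixpath.normpath(path)          # collapse '..' and '//' before matching
    for pat in patterns:
        ps, qs = path.split("/"), pat.split("/")
        if len(ps) == len(qs) and all(fnmatch.fnmatchcase(a, b)
                                      for a, b in zip(ps, qs)):
            return True
    return False

def evaluate(policy, owner, method, url, issued_at, now):
    """Return an audit record; anything not explicitly allowed is a 403."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    if now - issued_at > policy["ttl_seconds"]:
        decision = (403, "expired")
    elif method.upper() not in policy["allowed_methods"]:
        decision = (403, "method not in allowlist")
    elif not path_allowed(parts.path, policy["allowed_paths"]):
        decision = (403, "path not in allowlist")
    elif set(query) & set(policy["deny_query_params"]):
        decision = (403, "denied query parameter")
    else:
        decision = (200, "forwarded")        # 200 stands in for the upstream status
    return {"ts": now, "owner": owner, "method": method.upper(),
            "path": parts.path, "code": decision[0], "reason": decision[1]}

if __name__ == "__main__":
    t0 = 1_700_000_000
    for m, u in [("GET", "/crm/v3/objects/contacts/101"),
                 ("DELETE", "/crm/v3/objects/contacts/101"),
                 ("GET", "/crm/v3/objects/contacts/101?associations=deals"),
                 ("GET", "/crm/v3/objects/contacts/../../owners")]:
        print(evaluate(POLICY, "support-agent", m, u, t0, t0 + 60))
```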
Stolen keys from new networks do not reach the upstream.
The first IP a key holder calls from is auto-trusted on the spot. Every new IP after that returns 423 Locked until they click a confirmation link in their inbox. A RelayKey leaked into a public repo, Slack thread, support ticket, or stolen laptop fails the second check before it can touch OpenAI, Stripe, Grafana, or your internal API.
RelayKey saw a request from a new IP for your support-agent key. The call was blocked until you confirm.
If this wasn't you, ignore this email - the request was blocked. Link expires in 24 hours.
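The new-IP rule described above (first caller IP trusted on the spot, every later IP held at 423 Locked until the emailed link is clicked, link valid 24 hours), as an added example that is not RelayKey's own code. The token format and the one-pending-email-per-IP de-duplication are assumptions.

```python
# Added example, not RelayKey's code: in-memory model of the page's
# new-IP rule. Token handling and per-IP de-duplication are assumptions.
import hmac
import secrets

CONFIRM_TTL = 24 * 3600        # link validity stated on the page


class IpTrust:
    def __init__(self):
        self.trusted = {}      # key_id -> set of confirmed IPs
        self.pending = {}      # (key_id, ip) -> (token, expires_at)

    def check(self, key_id, ip, now):
        """Return (status, token). 200 = forward; 423 = locked, not forwarded.
        A non-None token means 'send the confirmation email now'."""
        ips = self.trusted.setdefault(key_id, set())
        if not ips:            # very first caller IP is trusted on the spot
            ips.add(ip)
            return 200, None
        if ip in ips:
            return 200, None
        token, expires = self.pending.get((key_id, ip), (None, 0))
        if token is None or now > expires:
            token = secrets.token_urlsafe(32)   # only ever travels in the email link
            self.pending[(key_id, ip)] = (token, now + CONFIRM_TTL)
            return 423, token
        return 423, None       # already pending: stay locked, do not re-email

    def confirm(self, token, now):
        """The key holder clicked the link. Unknown or expired tokens change
        nothing, so an ignored email leaves the IP blocked."""
        for (key_id, ip), (tok, expires) in list(self.pending.items()):
            if hmac.compare_digest(tok, token):
                del self.pending[(key_id, ip)]
                if now > expires:
                    return False
                self.trusted[key_id].add(ip)
                return True
        return False
```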
Issue disposable keys from your own automations.
Give an AI agent or internal service a provisioner-scoped management key. It can mint short-lived RelayKeys within constraints you set, but it can never read or export the upstream key.
$ curl -X POST https://app.relaykey.ai/api/v1/delegated-credentials \
  -H "Authorization: Bearer rk_mgmt_provisioner_..." \
  -H "Content-Type: application/json" \
  -d '{
    "connection_id": "conn_a1b2c3",
    "name": "agent-run-2026-05-01",
    "allowed_methods": ["GET"],
    "allowed_paths": ["/crm/v3/objects/contacts/*"],
    "ttl_seconds": 900
  }'
You can't prevent every leak. You can make the leaked key disposable.
Sign up, add a protected API key, and issue scoped RelayKeys for the applications, agents, people, and vendors that need access. Free forever for one protected key.
Building agents on RelayKey? Proxy reference (auth forwarding, headers, rate limits, audit shape) · Agent setup · llms.txt · OpenAPI
